org.jenkins-ci.plugins:pipeline-utility-steps

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.jenkins-ci.plugins:pipeline-utility-stepspage 1 of 1

CVE-2022-45381HIGHCVSS 8.1EG 8.1✓ Fixed in 2.13.2
2022-11-15
vulnerable: 1.0 ... 2.9.0 (38 versions)
Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowin…
CVE-2023-32981HIGHCVSS 8.8EG 8.8✓ Fixed in 2.15.3
2023-05-16
vulnerable: 1.0 ... 2.9.0 (44 versions)
An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-s…

Check whether org.jenkins-ci.plugins:pipeline-utility-steps is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.jenkins-ci.plugins:pipeline-utility-steps CVEs against the assets you own.

Start Free Scan →